Disclosed Chromium Security Bugs

Security: Fatal error in src/compiler/turboshaft/operations.cc, line 152

#411802156Reporter: da...@gmail.com
$7,000
8/29/2025

backmerge roll of libvpx with security fix for uaf

#419467315Reporter: am...@chromium.org
$0
8/29/2025

CHECK failure: ref.IsSmi() || ref.IsHeapNumber() || ref.AsHeapObject().GetHeapObjectType(broker

#419099999Reporter: 24...@project.gserviceaccount.com
$0
8/29/2025

Copy as Curl (CMD) Leads to code execution on windows

#406631048Reporter: am...@gmail.com
$1,000
8/28/2025

blink_crabbyavif_decoder_fuzzer: Heap-use-after-free in _free_base

#418486364Reporter: 24...@project.gserviceaccount.com
$0
8/28/2025

blink_crabbyavif_decoder_fuzzer: Heap-use-after-free in dav1d_msac_init

#418520142Reporter: 24...@project.gserviceaccount.com
$0
8/28/2025

DCHECK failure in !Is(get(index, kRelaxedLoad)) in contexts-inl.h

#419081101Reporter: 24...@project.gserviceaccount.com
$0
8/28/2025

heap-use-after-free in cc::TileDisplayLayerImpl::Tiling::SetTileContents in GPU process

#415631307Reporter: 0x...@gmail.com
$0
8/28/2025

glslang:compile_fuzzer: Crash in glslang::TInfoSinkBase::location

#441210574Reporter: 87...@developer.gserviceaccount.com
$0
8/27/2025

tmux:input-fuzzer: Heap-buffer-overflow in input_c0_dispatch

#440602507Reporter: 87...@developer.gserviceaccount.com
$0
8/27/2025
Showing 151-160 of 8555 bugs
1...151617...856